The 8 Best Free Anti-Virus Programs for Linux

Although Linux operating systems are fairly stable and secure, they may not completely be immune to threats. All computer systems can suffer from malware and viruses, including those running Linux-based operating systems. However, the number of critical threats to Linux-based operating systems is still way lower than threats for Windows or OS X.

Therefore, we need to protect our Linux systems from the various forms of threats such as viruses that can be transmitted in many ways including malicious code, email attachments, malicious URLs, rootkits to mention but a few.

In this article, we will talk about 8 best free anti-virus programs for Linux systems.

1. ClamAV

ClamAV is a free and open source, versatile anti-virus toolkit for Linux systems. It’s used for detecting trojans, viruses, malware and other malicious threats. It’s a standard for mail gateway scanning software; it supports almost all mail file formats.

The following are its well-known features:

It’s cross platform; works on Linux, Windows and Mac OS X

POSIX compliant, portable

Easy to install and use

Works primarily from the command-line interface

Supports on-access scanning (Linux only)

Provides a virus database update

It can scan within archives and compressed files (also protects against archive bombs), the built-in support includes Zip, Tar, 7Zip, Rar among others.

2. ClamTk

ClamTk is a lightweight graphical front-end for the popular command-line based ClamAV (Clam Antivirus), written using Perl and Gtk libraries for Unix-like systems such as Linux and FreeBSD.

3. ChkrootKit

ChkrootKit is a free and open source lightweight toolkit to locally check for signs of a rootkit.

It contains various programs/scripts which include:

chkrootkit – a shell script that checks system binaries for rootkit modification.

ifpromisc.c – it checks if an interface is in promiscuous mode.

chklastlog.c – this checks for lastlog deletions.

chkwtmp.c – this checks for wtmp deletions.

check_wtmpx.c – checks for wtmpx deletions (Solaris only).

chkproc.c – checks for signs of LKM trojans.

chkdirs.c – this checks for signs of LKM trojans.

strings.c – it performs quick and dirty strings replacement.

chkutmp.c – this checks for utmp deletions.

4. RookKit Hunter

Rootkit Hunter is remarkable lightweight, open source security monitoring and analyzing tool for POSIX compliant systems. It’s available for Linux and FreeBSD.

It’s a scanner for every kind of threats to a Linux system from backdoors, rootkits to various local exploits.

It’s other important features include:

It’s command-line based

It’s simple to use and offers thorough inspection capabilities.

It uses SHA-1 hash comparison to detect malicious entries.

It’s portable and compatible with most UNIX-based systems.

5. Comondo Anti-virus For Linux (CAVL)

Comondo is a powerful cross-platform anti-virus and email filtering software. Comondo Anti-virus For Linux offers great virus protection with the additional features for fully configurable anti-spam system.

Offers a mail filter which is compatible with Postfix, Qmail, Sendmail and Exim MTA’s.

6. Sophos For Linux

Sophos anti-virus for Linux is a stable and reliable anti-virus software for a wide range of Linux distributions.

It detects and eradicates viruses (including worms and Trojans) on your Linux computer. It can as well find and block all non-Linux viruses that might be stored on your Linux computer and transferred to non-Linux computers.

You can run all commands (except savscan, which is used to run on-demand scans) as root from the from the command-line interface.

Below are the notable features of Sophos For Linux:

Easy to install and runs quietly.

It’s effective and secure.

It can detect and block malware with on-access, on-demand, or scheduled scanning.

Offers excellent performance, with low impact on the system.

Offers extensive platform coverage.

7. BitDefender For Unices

BitDefender For Unices is a powerful and versatile anti-virus software suite for Linux and FreeBSD. It offers protection and on-demand scanning on both Unix-based and Windows-based disk partitions by scanning for viruses and malware.

The following are a few of its remarkable features:

Enables scanning of archives.

Supports desktop integration.

It has an intuitive GUI and powerful command line interface that supports OS scripting tools.

It can quarantine infected files into a protected directory.

8. F-PROT For Linux

F-PROT anti-virus for Linux workstations is a free powerful scanning engine for use on home/personal workstations. Developed to effectively get rid of viruses threatening workstations running Linux, it offers full protection against macro viruses and other forms of malicious software including Trojans.

Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

Aaron, this tutorial is good with the pertinent observations made by @Dwobry, but nobody is perfect, and in each day we could learn something if we want to.

In this context (antivirus/antimalware), maybe for some guys, it is useful to mention about havp. It is a proxy who will scan http traffic with several antivirus engine (clamav included).

Another useful tip is how you install your system (more partitions is better) For example in my case I have /boot, /home and /tmp mounted with: noexec, nodev. Any malware needs to be downloaded and then will be executed. But the most powerful antivirus engine is our knowledge and the good sense.

A smart guy (shame on me because I do not remember his name), has said a very smart thing (in my opinion ) – security is not a product (like clamav or what-ever), it is a process. I think that in the last years … we run after the various products, and we forgot the PROCCESS ;)

If I may, I’m wondering why arent you guys doublechecking and creating a well-informed post about this subject matter instead of just posting something which has no structured basis or factual relevance?

1. Clamtk is not an av, it`s graphical interface as you mentioned, but then why is it on the second place in a top of av`s?
2. ClamAv is not a great av, just idealists whom belive in similar ideas to FSF are holding up as the only good av.
3. Bitdefender for Unices, announced if I’m not mistaking around more than a year ago the end of life on this project, meanwhile offering a business alternative to it.
4. Meanwhile F-Prot didn`t received any updates since 2013.

Hence from your 8 place list, we`ve eliminated 2 ( Fprot & Bitdefender because EOL ), which gives us a 6 place list: which I would recommend to be taught of differently. If you have idealistic FOSS belives, the first two places should be Chkroot and Lyons ( Rk Hunter which i honestly don’t think exists anymore, but from what i gathered their official site now redirects to Lynis ). And if you dont have strong belives in the direction of FOSS, you could try Sophos.

The list is not in order of the AV that works best, how each user will rate an AV in the list depends on their usage experience. However, we highly respect your views here. Many thanks for sharing your concerns with us.